Thursday, December 1, 2022
HomeCloud ComputingStrive Automating a YubiKey Button Press

Strive Automating a YubiKey Button Press


A couple of weeks in the past, my daughter (Noa, 9) and son (Ethan, 7) sat in my house workplace minding their very own enterprise (iPads).

Then my son requested me:

  • Son“Dad, why do it is advisable to contact that “factor” over there?”
  • Me“Oh, that’s an ideal query! That “factor” is named “YubiKey”. It’s a straightforward and quick method to safe and entry my accounts. For instance, to entry my Gmail account, I have to enter a password AND bodily press the important thing
  • Son: “Bodily press the important thing? mmm… can’t you ask Alexa or Siri?” (He’s a HUGE fan of Alexa)
  • Me: “hehe, no no no, the YubiKey was really designed for a human contact. The gold aspect you see there may be meant to reply to a full finger contact
  • Daughter: “Dad, why didn’t you automate that??” (She is aware of me effectively 😉)
  • Me: “First, I don’t suppose that it may be automated… Second, why ought to I automate a YubiKey press??
  • Daughter: “Why not? It feels like a enjoyable problem. No??

How does the YubiKey work? 🤔

YubiKeyYubiKey is a tool that makes two-factor authentication utilizing a single button. Every YubiKey gadget has a novel configuration to generate distinctive codes that verify your id.

On a really excessive degree, the YubiKey has a capacitive contact sensor that measures your physique’s capacitance to the bottom (i.e., while you contact the plate, you might be rising capacitance).

Every capacitive sensor has a particular configuration/algorithm to recalibrate. Often, when you un-touch the plate (i.e., take away the extra capacitance), it’ll reset the recalibration timer.

Along with the recalibration algorithm, the capacitive contact space and capacitive contact sensitivity are pre-configured and can’t be modified.

So… Can we automate a YubiKey button press? 🙄 

I suppose that the reply is No & Sure. Let’s reply the next questions:

  • Can we script the YubiKey button press – No
  • Can we leverage a “Good Change Button Pusher to push a button – Sure
  • Can we leverage API calls to regulate the “Good Change Button Pusher” – Sure
  • Can we script the API calls – Sure
  • And the largest query of all…  Can we “trick” the YubiKey capacitive contact sensor to work with OTHER objects than a human determine? – Sure (There are a number of methods to try this. The frequent floor to all is the necessity to hook the capacitive sensor in direction of the bottom, so it’ll “assume” it’s conductive as a human determine/sufficient).

Automation “Substances” 🗒

  1. YubiKeyYubiKey 5 or 5C (I used the 5C NFC)
  2. Electrical energy conductor (I used a normal “emergency door pin key”)
  3. Capacitive sensor set off – I used a headphone cable (Headphone wires are negatively charged and often coated with rubber. The friction of the wires is chargeable for the induction of cost. When the Headphone jack touches the capacitive contact, it’s thought-about as a contact)
  4. Good Change Button Pusher (I used a SwitchBot, however others will work as effectively)
  5. Lego bricks 🙂
  6. curl/AppleScript/Python/PowerShell (What works greatest for you?)

⭐️ And the end result is… YubiKey Auto-Button Presser! ⭐️

The Setup:

YubiKey

The Code:

curl:

do shell script "curl -X POST https://api.switch-bot.com/v1.0/gadgets/E3233xxxx/instructions --header 'Authorization: Bearer xxxx' --header 'Content material-Sort: software/json' --data-raw '{"command": "turnOn", "parameter": "default", "commandType": "press"}'"

Python:

import requests
import json
​
url = "https://api.switch-bot.com/v1.0/gadgets/E3233xxxx/instructions"
​
payload = json.dumps({
"command": "turnOn",
"parameter": "default",
"commandType": "press"
})
headers = {
'Authorization': 'Bearer xxx',
'Content material-Sort': 'software/json'
}
​
response = requests.request("POST", url, headers=headers, information=payload)

PowerShell:

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", "Bearer xxx")
$headers.Add("Content material-Sort", "software/json")
​
$physique = "{`n `"command`": `"turnOn`",`n `"parameter`": `"default`",`n `"commandType`": `"press`"`n}"$response = Invoke-RestMethod 'https://api.switch-bot.com/v1.0/gadgets/E3233xxxx/instructions' -Technique 'POST' -Headers $headers -Physique $physique
$response | ConvertTo-Json

The movies:

Triggering a YubiKey button press utilizing curl command

Triggering a YubiKey button press utilizing AppleScript

Triggering a YubiKey button press utilizing voice command

Last Ideas 💡

Sure, it was a enjoyable problem, and I may automate the YubiKey button press. However does it actually have to be automated? Properly, my automation perspective is:

  • Not EVERYTHING must be automated
  • There isn’t any single excellent automation software. Choose a software that greatest serves you and the customers
  • Don’t reinvent the wheel, leverage current instruments, options, and sources

What must be automated? For instance (attempting to maintain it easy 🙂):

  • Time-consuming and repetitive duties
  • Duties inclined for human-errors
  • Duties that have to be monitored/alerted

Humorous Anecdote 
I’m sitting for too many hours… Sure, I’ve a standing desk, however I’m “forgetting” to make use of it. Sure, I even scheduled reminders to face and stretch, however I preserve clicking on “dismiss.” So, my newest “innovation” is to attach the YubiKey utilizing an extended USB-C cable. Each time I have to press the YoubiKey button, I MUST get up and stroll (a number of steps) to the YubiKey.

Let’s see how effectively that works… 😉

Associated sources:

  • I’m utilizing Cisco Duo multi-factor authentication (MFA) for all my delicate apps and information, which is the best and best method to be sure to are who you say you might be.
  •  Need to discover extra about safety, YubiKey, and MFA?
    Try the DevNet Safety Dev Middle.
  • Need to study extra about how YubiKey can be utilized with IoT-related initiatives and APIs?
    Try the DevNet IoT Dev Middle.

We’d love to listen to what you suppose. Ask a query or go away a remark beneath.
And keep related with Cisco DevNet on social!

LinkedIn | Twitter @CiscoDevNet | Fb Developer Video Channel

Share:



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments